PR-CPA advantage

The plaintext-recovery-under-chosen-plaintext-attack advantage (PR-CPA advantage) is defined as the probability that an algorithm with fixed computational resources can use a chosen-plaintext attack to decrypt a randomly selected message that has been encrypted with a symmetric cipher.^[1]^:99 It is regarded as a fundamental quantity in cryptography since every symmetric encryption scheme must obviously must have a very low PR-CPA advantage to be secure. Though having a low susceptibility to this sort of attack is a necessary condition for an encryption scheme's security, it is not sufficient to ensure security. This is because partial information about the plaintext can often be recovered (for example the least significant bit of the message).^[1]^:14

References

1 2 Goldwasser, S. and Bellare, M. "Lecture Notes on Cryptography". Summer course on cryptography, MIT, 1996-2001

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.

[ShafiBellare-1] 1 2 Goldwasser, S. and Bellare, M. "Lecture Notes on Cryptography". Summer course on cryptography, MIT, 1996-2001